[linux-cifs-client] CIFS Permissions mapping from Linux to
windows shares
apostolos pantazis
apostolos.pantazis at gmail.com
Fri Mar 20 16:40:30 GMT 2009
Thanks Shirish. Long story short I worked with some of the windows
sysadmins and figured this out. However, I would like to mention a few
things:
We use DNS for lookups any combination of myshare or
myshare.fullyqualifieddomain.corp gave me an error during POST. The
error was something along the line parsing options "the mount options"
could not find target server. TCP name myshare not found rc =3
No ip adress specified and hostname found
Now that would make sense since it appears to me that the Linux Kernel
mounts filesystems at 2 stages first all local (before setting up the
network) and then there is a portion after network setup were it looks
and mounts CIFS/SMBFS VFS. At this point, and only when specifying the
cluster share IP adress as part of the mount //my_ip .... I was able
to mount np.
Is there a way as part of the mount parameters to tell linux something
like "Hey, this is filesystem which requires network to be setup
before mounting - hold off until the network is up, then mount".
Thanks Sir.
On Thu, Mar 19, 2009 at 3:36 PM, Shirish Pargaonkar
<shirishpargaonkar at gmail.com> wrote:
> On Thu, Mar 19, 2009 at 9:17 AM, apostolos pantazis
> <apostolos.pantazis at gmail.com> wrote:
>> Shirish, here are the details:
>>
>> The Old entry (using smbfs) was as follows:
>>
>> //myshare/Paul$ /Paul/Test smbfs
>> rw,credentials=/etc/.smbpassword2,workgroup=AP,uid=11119,gid=8890,dmask=770,fmask=770
>> 0 0
>>
>> The new entry (using CIFS) looks like:
>>
>> //myshare/Paul$ /Paul/Test cifs
>> rw,credentials=/etc/.creds2,domain=AP,uid=11119,gid=8890,dir_mode=0770,file_mode=0770
>> 0 0
>>
>> The .creds2 file is different from the .smbpasswd2 file in the
>> following aspects:
>>
>> .smbpasswd2 used to look like:
>>
>> username = AP/myusername
>> password = Thepassword
>>
>> .creds2
>>
>> username=myusername
>> password=The password
>>
>> In other words, the .creds2 file does not contain any spaces on either
>> side of the equal sign and it does not specify a domain as from what I
>> understand under CIFS,
>> The only other "main" difference is that dmask and fmask have been
>> replaced with dir_mode and file_mode and are now expressed in octal.
>> There were no changes on the windows share side to accommodate this I
>> assumed it would work the same. The reason for not making any changes
>> is that I don't understand how the UNIX permissions (SLES 9 SP3 in
>> this case so actually Linux) map on the windows side. Does CIFS work
>> different than smbfs used to in this aspect?
>>
>>
>> Here is the information on the loaded CIFS module:
>>
>> version: 1.33 7C34472C845ED754C697073
>> description: VFS to access servers complying with the SNIA CIFS
>> Specification e.g. Samba and Windows
>> license: GPL
>> author: Steve French <sfrench at us.ibm.com>
>> parm: cifs_max_pending:Simultaneous requests to server.
>> Default: 50 Range: 2 to 256 (int)
>> parm: cifs_min_small:Small network buffers in pool. Default:
>> 30 Range: 2 to 256 (int)
>> parm: cifs_min_rcv:Network buffers in pool. Default: 4
>> Range: 1 to 64 (int)
>> parm: CIFSMaxBufSize:Network buffer size (not including
>> header). Default: 16384 Range: 8192 to 130048 (int)
>> depends:
>> supported: external
>> vermagic: 2.6.5-7.287.3-bigsmp SMP PENTIUMII REGPARM gcc-3.3
>>
>>
>>
>> My running Kernel is: 2.6.5-7.287.3-bigsmp
>>
>> I sure appreciate the help.
>>
>>
>>
>>
>>
>> On Thu, Mar 19, 2009 at 6:29 AM, Shirish Pargaonkar
>> <shirishpargaonkar at gmail.com> wrote:
>>> On Wed, Mar 18, 2009 at 4:26 PM, apostolos pantazis
>>> <apostolos.pantazis at gmail.com> wrote:
>>>> I am mounting a few filesystems from a Windows share to some of my
>>>> Linux Servers. Recently, there was a lot of talk in regards to smbfs
>>>> becoming deprecated under the latest kernels and so we decided to
>>>> replace our smbfs mounts with cifs. Read the manual, looked online
>>>> Read the man page, made the appropriate changes in fstab and properly
>>>> mounted the filesystems. All ok so far. However, when trying to do an
>>>> ls from the Linux side to see the contents of the share - permission
>>>> denied. I kept the same permissions as the smbfs mounts used (only
>>>> expressed in octal for CIFS)the same username and password I was
>>>> mounting as before and no luck. What changed in CIFS in the way
>>>> permissions map from Linux to windows? If anyone could explain this I
>>>> would be very grateful.
>>>>
>>>> Thank you kindly.
>>>> --
>>>> Paul
>>>> _______________________________________________
>>>> linux-cifs-client mailing list
>>>> linux-cifs-client at lists.samba.org
>>>> https://lists.samba.org/mailman/listinfo/linux-cifs-client
>>>>
>>>
>>> How are you mounting the share? Would you be able to provide that entry?
>>> You can also add cifsacl mount option.
>>> What is the version of cifs module?
>>>
>>> If you can provide a tcpdump of the failing ls command, that would be useful.
>>>
>>> Regards,
>>>
>>> Shirish
>>>
>>
>>
>>
>> --
>> Paul
>>
>
> I used the same setup you have, excpet that I added cifsacl as one of
> the mount options in /etc/fstab entry
> to mount a share exported by a Windows 2003 server and things worked
> fine. But then I am at 1.57 version of cifs.
>
> I am not sure whether acl support for Windows (acl to unix permissions
> translations) exists in the version of
> cifs code you have.
> Do you have access to the source code on this box? If so you can
> check whether cifsacl.c and cifsacl.h are
> built into the cifs module. This code is still experimental, so you
> will have to build cifs module with that
> config option as well (CONFIG_CIFS_EXPERIMENTAL=y)
>
> But I certainly did not have a permission denied error during ls command.
>
> I have not used smbfs that extensively to compare smbfs and cifs and comment.
>
> Regards,
>
> Shirish
>
--
Paul
More information about the linux-cifs-client
mailing list